U.S. warns financial firms of al Qaeda threat
Officials tell private financial services of threat, so far uncorroborated, to stock trading and banking Web sites.
WASHINGTON (CNN) -- A Department of Homeland Security advisory cautioning that al Qaeda may be planning cyber attacks on banking and financial institution Web sites was issued out of an abundance of caution, although there is no corroboration, a DHS spokesman told CNN Thursday.
The threat apparently was posted on a jihadist Web site, the spokesman said. It was discovered Nov. 27 by DHS and translated. The department decided to send an advisory out to financial institutions out of caution.
"There is no information to corroborate this aspirational threat," said DHS spokesman Russ Knocke, saying the advisory was sent out "as a routine matter and out of an abundance of caution."
The Web site warned that denial-of-service attacks would be launched against stock and banking sites during the month of December through what the Web site called the "infidel New Year's."
A denial-of-service attack involves repeatedly bombarding a server with so many hits that it shuts down.
The advisory was issued by the U.S. Computer Emergency Readiness Team, a partnership between the government and private industry.
It was necessary, the DHS spokesman said, because the Web site called for those with special skills to act on their own in launching the attacks.
In August of 2004, the Department of Homeland Security put financial institutions in New York City and Washington, D.C. including the headquarters of Citigroup (Charts) and Prudential Financial (Charts) on high alert including, saying it had specific intelligence of possible terror attacks.
Robert Albertson, a chief investment strategist for Sandler O'Neill & Partners in New York, told Reuters it was unlikely al Qaeda members could do serious harm to financial Web sites.
"I'm not saying there aren't precautions to be taken, but I just can't fathom how there would be serious havoc," Albertson said.
A government source told the news agency that government regulators were being briefed on the warning.
Johannes Ullrich, a cyber security expert at the Sans Institute research group, told Reuters he didn't put much stock in the threat, saying such warnings cropped up from time to time and that penetrating databases of financial institutions was far easier said than done.
--from CNN's Jeanne Meserve and Kelli Arena
--Reuters contributed to this report